package com.loren.oauth.web.filter;

import com.loren.oauth.data.constant.DataConstant;
import org.apache.commons.lang3.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class UserAuthorizeFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        if (StringUtils.equals(DataConstant.AUTH_LOGIN_URL, request.getRequestURI())
                && StringUtils.equalsIgnoreCase(request.getMethod(), "post")) {
            String account = request.getParameter("account");
            String password = request.getParameter("password");
            if (StringUtils.isBlank(account) || StringUtils.isBlank(password)) {
                request.getSession().setAttribute(DataConstant.ERROR_LOGIN_FLAG, "账号或密码不能为空");
                response.sendRedirect(DataConstant.AUTH_LOGIN_URL);
                return;
            }
        }
        filterChain.doFilter(request, response);
    }
}
